All Apps and Add-ons

Need a Splunk App for McAfee that uses Splunk Add-on for McAfee

ggb667
New Member

Hello. I plan on installing the Splunk Add-on for McAfee and i need to monitor:

McAfee Endpoint Security for Linux Firewall 10.6.6 105
McAfee Endpoint Security for Linux Threat Protection 10.6.6 107
McAfee Agent for Linux 5.6.2
McAfee Policy Auditor Agent for Linux 6.4.3
Asset Configuration Compliance Module - LNX 3.2.4

I was hoping for a "Splunk McAfee App" that would go hand in hand with the "Add-On" for visualizations, but all I'm finding are bits and pieces here and there. Is there an app for this, or am I going to have to build this myself and rely on my own Splunk Deployment Monitor derived components for monitoring McAfee components?

I'm new to apps and add-on components for Splunk.

Thanks

0 Karma
1 Solution

PavelP
Motivator

McAfee Agent reports to ePO so what you need is to send ePO logs to Splunk. Not sure about Policy Auditor and Compliance Module though

View solution in original post

0 Karma

PavelP
Motivator

McAfee Agent reports to ePO so what you need is to send ePO logs to Splunk. Not sure about Policy Auditor and Compliance Module though

0 Karma
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...